Synchronous Authentication Key Management Scheme for Inter-eNB Handover over LTE Networks

Nashwan, Shadi

doi:10.14569/ijacsa.2017.080813

Cited by 5 publications

(5 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, unauthorized access to the sensitive data that have been collected by the sensor nodes can lead to a loss of employment or government health benefits for the patient, as well as inaccurate or fabricated medical records [3]. Furthermore, other types of attacks can be carried out due to the limited capabilities of the sensor nodes, such as smartcard loss, removing the anonymity of the healthcare professionals or patients, and man-in-the-middle, impersonation, insider, desynchronization, and replay attacks [3][4][10][11][12][13][14][15]. Therefore, the primary concern when implementing a healthcare system is ensuring the confidentiality, availability, and integrity of the services in order to protect the patients' privacy and the data that are transmitted between the different elements of the system [16,17].…”

Section: Introductionmentioning

confidence: 99%

Secure and Anonymous Three-Factor Authentication Scheme for Remote Healthcare Systems

Alanazi¹,

Nashwan²

2022

Computer Systems Science and Engineering

Self Cite

View full text Add to dashboard Cite

Wireless medical sensor networks (WMSNs) play a significant role in increasing the availability of remote healthcare systems. The vital and physiological data of the patient can be collected using the WMSN via sensor nodes that are placed on his/her body and then transmitted remotely to a healthcare professional for proper diagnosis. The protection of the patient's privacy and their data from unauthorized access is a major concern in such systems. Therefore, an authentication scheme with a high level of security is one of the most effective mechanisms by which to address these security concerns. Many authentication schemes for remote patient monitoring have been proposed recently. However, the majority of these schemes are extremely vulnerable to attacks and are unsuitable for practical use. This paper proposes a secure three-factor authentication scheme for a patient-monitoring healthcare system that operates remotely using a WMSN. The proposed authentication scheme is formally verified using the Burrows, Abadi and Needham's (BAN) logic model and an automatic cryptographic protocol verifier (ProVerif) tool. We show that our authentication scheme can prevent relevant types of security breaches in a practical context according to the discussed possible attack scenarios. Comparisons of the security and performance are carried out with recently proposed authentication schemes. The results of the analysis show that the proposed authentication scheme is secure and practical for use, with reasonable storage space, computation, and communication efficiency.

show abstract

Section: Introductionmentioning

confidence: 99%

Secure and Anonymous Three-Factor Authentication Scheme for Remote Healthcare Systems

Alanazi¹,

Nashwan²

2022

Computer Systems Science and Engineering

Self Cite

View full text Add to dashboard Cite

show abstract

“…With the growing demand for healthcare IoT systems, many healthcare IoT authentication schemes have been proposed to resolve the security weaknesses and to prevent different types of attack that target the patient's privacy and the integrity of remote clinical diagnostics [12][13][14][15][16][17][18][19][20]. These attacks can be summarized as the password table attack, man-in-the-middle attack, wrong login information attack, replay attack, impersonate attack, insider attack, smart card loss attack, and desynchronization attack [21][22][23][24][25]. Most healthcare IoT authentication schemes that have been proposed are unable to prevent all these attacks, especially the desynchronization attack [26,27].…”

Section: Introductionmentioning

confidence: 99%

“…Usually, to maintain consistency and synchronization between the communication nodes in such systems, the authentication schemes use different synchronization techniques, such as random numbers, pseudonym identities, timestamps, serial numbers, and hash functions [11][12][13][14][15][16][17][18][19][20][21][22][23][24]. Therefore, the improper use of such techniques to renew the nodes' identities and the session keys that will be used in the next authentication sessions may lead to extensive computational costs to prevent desynchronization attacks [25,28].…”

Section: Introductionmentioning

confidence: 99%

Analysis of the Desynchronization Attack Impact on the E2EA Scheme

Nashwan¹

2022

Computer Systems Science and Engineering

Self Cite

View full text Add to dashboard Cite

The healthcare IoT system is considered to be a significant and modern medical system. There is broad consensus that these systems will play a vital role in the achievement of economic growth in numerous growth countries. Among the major challenges preventing the fast and widespread adoption of such systems is the failure to maintain the data privacy of patients and the integrity of remote clinical diagnostics. Recently, the author proposed an end-to-end authentication scheme for healthcare IoT systems (E2EA), to provide a mutual authentication with a high data rate between the communication nodes of the healthcare IoT systems. Although the E2EA authentication scheme supports numerous attractive security services to resist various types of attack, there is an ambiguous view of the impact of the desynchronization attack on the E2EA authentication scheme. In general, the performance of the authentication scheme is considered a critical issue when evaluating the applicability of such schemes, along with the security services that can be achieved. Therefore, this paper discusses how the E2EA authentication scheme can resist the desynchronization attack through all possible attack scenarios. Additionally, the effect of the desynchronization attack on the E2EA scheme performance is analyzed in terms of its computation and communication costs, based on a comparison with the recently related authentication schemes that can prevent such attack. Moreover, this research paper finds that the E2EA authentication scheme can not only prevent the desynchronization attack, but also offers a low cost in terms of computations and communications, and can maintain consistency and synchronization between the communication nodes of the healthcare IoT systems during the next authentication sessions.

show abstract

“…One of the promising authentication schemes proposed to enhance the security features of the LTE network is a secure anonymity key of authentication and key agreement (SAK-AKA) scheme [3]. The SAK-AKA scheme can support attractive security services such as full mutual authentication, perfect forward secrecy, and anonymity services [3], [4], [5], [6] [7]. Furthermore, the SAK-AKA scheme can resist numerous types of related attacks such as the denial of service (DOS), replay, desynchronization, and man-in-the-middle attacks [8], [10], [11].…”

Section: Introductionmentioning

confidence: 99%

Reducing the Overhead Messages Cost of the SAK-AKA Authentication Scheme for 4G/5G Mobile Networks

Nashwan

2021

IEEE Access

Self Cite

View full text Add to dashboard Cite

One of the recently proposed authentication schemes for 4G/5G mobile networks is a secure anonymity key of authentication and key agreement scheme (SAK-AKA), wherein the home subscriber server (HSS), mobility management entity (MME), and user equipment (UE) represent authentication entities. In the SAK-AKA scheme, UE authentication is performed through an initial authentication processes session (IAPS) and subsequent authentication processes session (SAPS) phases to ensure that the UE is authorized to use the network services. In IAPS, the MME accesses the HSS to obtain the authentication parameters and delegates the HSS to execute the authentication process with the UE mutually. Since accessing the HSS is expensive, the HSS generates a number (k) of authentication vectors (AVs) and then sends them back to the MME one at a time. SAPS is then executed (k) times to authenticate the UE without going back to the HSS. Therefore, it is useful to choose a specific value of (k) that would reduce the traffic cost. In this paper, we proposed an analytical cost function model to examine the effect of the (k) value on the transmission cost of authentication processes. The proposed model assumes that the signaling traffic of the SAK-AKA scheme is represented by a Poisson process where the authentication request time has an exponential distribution. This model was analyzed numerically to identify appropriate values of the (k-AVs) that can minimize the overhead messages cost of the SAK-AKA scheme.

show abstract

Synchronous Authentication Key Management Scheme for Inter-eNB Handover over LTE Networks

Cited by 5 publications

References 12 publications

Secure and Anonymous Three-Factor Authentication Scheme for Remote Healthcare Systems

Secure and Anonymous Three-Factor Authentication Scheme for Remote Healthcare Systems

Analysis of the Desynchronization Attack Impact on the E2EA Scheme

Reducing the Overhead Messages Cost of the SAK-AKA Authentication Scheme for 4G/5G Mobile Networks

Contact Info

Product

Resources

About